Too many requests. CLI
We are trying to push out unique passwords to a particular record type that resides in about 300 different vaults. We are hitting a rate-limit and are unsure what delay to include to ensure we are not limited (we are up to 20s already), the account also becomes locked out at that point. Is there a way to programmatically deploy passwords to many different vaults without running into this limit? If not, then is there a specific interval that we should incorporate between each 'op edit item' command to ensure we don't trip the limit? Thanks.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hey @itsthecode ,
It is a bit hard to say without seeing the script, but here are some generic suggestions that might point you in the right direction:
- When calling or editing an item, use the item's UUID instead of the item's name, e.g.
op edit item llbojz74ee73z7icwpqf4w3xieinstead ofop edit item AWSLogin, which would prevent the need of the CLI to compare the names of all login items and save some requests. - When calling or editing an item, specify the vault's UUID as well in the same command, so the CLI won't have to call all vaults one by one to search for it (using the
--vaultflag followed by the vault's UUID). - If you are using version 1.8 or higher of the CLI , you can add the
--cacheflag and it will cache the vault locally so it doesn't have to call an endpoint again if it has seen it before. That should further reduce the number of calls and ensure you don't hit the limiter. The command would then look like this:op get item $itemuuid --vault $itemvaultuuid --cache
In case you are still encountering the rate limit and are being locked out of your account, I'd suggest you email us the script (after removing the secrets from it) to support@1password.com with a short description and a link to this discussion. :chuffed:
0 - When calling or editing an item, use the item's UUID instead of the item's name, e.g.
